<?

function _app_verify_object_role ($options, &$_APP_OBJECT_MODULES, &$_APP_RESTRICT) {

	/*
	 *
	 * check to see if the module is set in the global
	 * $_APP_OBJECT_MODULES variable
	 *
	 */
        if (isset ($_APP_OBJECT_MODULES[$options["module"]])) {
        
		/* match user role access against module access level */
                if (_app_eval_object_level (
                                $_APP_OBJECT_MODULES[$options["module"]]->access,
                                $_APP_OBJECT_MODULES[$options["module"]]->role_access))
                        
			/*
			 *
			 * match module access against the lowest access 
			 * restriction identified by $_APP_RESTRICT
			 * and return access
			 *
			 */
                        return _app_eval_object_level (
                                        $_APP_OBJECT_MODULES[$options["module"]]->access,
                                        $_APP_RESTRICT);

		/*
		 *
		 * access is not mentioned in the module
		 * then set restriction
		 *
		 */
		else return false;
        }

	/*
	 *
	 * otherwise access is not mentioned in the roles and 
	 * estriction is in place
	 *
	 */
        return false;
}

function _app_verify_object_right ($options, &$_APP_OBJECT_MODULES, &$_APP_RESTRICT) {

        global $_GLOBAL_DBH;
        
	/*
	 *
	 * verify object right access against user role. return
	 * false if access is not granted
	 *
	 */
        if (!_app_verify_object_role ($options, $_APP_OBJECT_MODULES, $_APP_RESTRICT)) return false;

	if (!isset ($options["right"])) return true;
       
	/* get current request module properties based on the options parameter */
        $module = &$_APP_OBJECT_MODULES[$options["module"]];
        
	/* set the module's associative right_access array if one does not exists */
        if (!isset ($module->right_access)) $module->right_access = array ();
        
	/*
	 *
	 * if associative right exists then get it and verify access and
	 * return. this is so that we don't have to extract the
	 * right access for every check to it.
	 *
	 */
        if (isset ($module->right_access[$options["right"]])) {
                
                if (_app_eval_object_level (
                                $module->right_access[$options["right"]]->access,
                                $module->role_access))
                
                        return _app_eval_object_level (
                                        $module->right_access[$options["right"]]->access,
                                        $_APP_RESTRICT);
                else return false;
	}
        
	/*
	 *
	 * prepare right access sql query based on the options
	 * right_access and right key
	 *
	 */
        $right = $_GLOBAL_DBH->query ($query = sprintf (
			$options["right_request"],
			$options["right"],
			$module->id));

	if ($_GLOBAL_DBH->num_rows ($right)) {
                

		/*
		 *
		 * set associated right object to the right access of
		 * the module
		 *
		 */
                $right = $_GLOBAL_DBH->fetch_object ($right);
                $module->right_access[$right->code] = $right;


		/*
		 *
		 * check right access against module role access.
		 * if access is granted check check againsts $_APP_RESTRICT 
		 *
		 */
                if (_app_eval_object_level ($right->access, $module->role_access))
                    
                            return _app_eval_object_level ($right->access,
                                            $_APP_RESTRICT);
                else return false;
        } else {
	
		/*
		 *
		 * return access check against the module access
		 * if no right access is in place.
		 *
		 */
		return _app_eval_object_level ($module->role_access, $_APP_RESTRICT);
	}
		
}

function _app_verify_data_rights ($options, &$_APP_OBJECT_MODULES, &$_APP_RESTRICT) {

        global $_GLOBAL_DBH;

	/*
	 *
	 * verify object data access against user role. return false
	 * if access is not granted
	 *
	 */
        if (!_app_verify_object_right ($options, $_APP_OBJECT_MODULES, $_APP_RESTRICT)) return false;

	if (!isset ($options["data"])) return true;
        
	/*
	 * 
	 * get current request module properties based on
	 * the options parameter
	 *
	 */
        $module = &$_APP_OBJECT_MODULES[$options["module"]];
        
	/*
	 *
	 * get current request right properties based on
	 * the options parameter
	 *
	 */
	$right = &$module->right_access[$options["right"]];

	/*
	 *
	 * set the module's associative right_data_access array
	 * if one does not exists
	 *
	 */
        if (!isset ($right->data_access)) $right->data_access = array ();
        
	/*
	 *
	 * if associative data right exists then get it and verify access
	 * and return. this is so that we don't have to extract the
	 * data right access for every check to it.
	 */
        if ($right->data_access[$options["data"]]) {
        
                if (_app_eval_object_level (
				$right->data_access[$options["data"]]->access,
                                $module->role_access))

                        return (_app_eval_object_level (
					$right->data_access[$options["data"]]->access,
                                       	$_APP_RESTRICT));
                else return false;
        }
        
	/*
	 *
	 * prepare right data access sql query based on the options
	 * right_data_access and data key
	 *
	 */
        $data = $_GLOBAL_DBH->query ($query = sprintf (
			$options["data_request"],
			$options["data"],
			$right->id));

        if ($_GLOBAL_DBH->num_rows ($data)) {
                
		/*
		 *
		 * set associated data object to the data access
		 * of the module right
		 *
		 */
                $data = $_GLOBAL_DBH->fetch_object ($data);
                $right->data_access[$options["data"]] = $data;

		/*
		 *
		 * check data access against module role access.
		 * if access is granted check check againsts $_APP_RESTRICT 
		 *
		 */
                if (_app_eval_object_level ($data->access, $module->role_access))
                        return _app_eval_object_level ($data->access, $_APP_RESTRICT);
                else return false;
        } else {
	
		/*
		 *
		 * return access check against the module access
		 * if no right access is in place.
		 *
		 */
		return _app_eval_object_level ($right->access, $module->role_access);
	}
}

function _app_verify_object_data_right ($options) {

        global $_APP_USER_MODULES;
        global $_APP_WG_MODULES;
        global $_APP_SESSION_USER;

	return true;
	//if ($_APP_SESSION_USER->id == 1) return true;
	/* return (_app_verify_data_rights (array_merge ($options, array(
			"data_request"=>"SELECT data.* FROM data WHERE code='%s' AND right_id=%s",
			"right_request"=>"SELECT rights.* FROM rights WHERE code='%s' AND module_id=%s")),
			$_APP_USER_MODULES, $_APP_SESSION_USER->realm)); */

	$_modules = array ();
	$_modules[] = array (
		"request"=>array_merge ($options, array(
			"data_request"=>"SELECT data.* FROM data WHERE code='%s' AND right_id='%s'",
			"right_request"=>"SELECT rights.* FROM rights WHERE code='%s' AND module_id='%s'")),
		"modules"=>&$_APP_USER_MODULES,
		"restrict"=>$_APP_SESSION_USER->realm);

	/* $_modules[] = array (
		"request"=>array_merge ($options, array(
			"data_request"=>"SELECT workgroup_role_right_data.* FROM workgroup_role_right_data,data WHERE code='%s' AND right_id='%s' AND workgroup_role_right_data.data_id=data.id",
			"right_request"=>"SELECT workgroup_role_rights.*,rights.id FROM workgroup_role_rights,rights WHERE code='%s' AND module_id='%s' AND right_id=rights.id")),
		"modules"=>&$_APP_WG_MODULES,
		"restrict"=>$_APP_USER_MODULES[$options["module"]]->role_access); */
		//"restrict"=>"exclusive");

	foreach ($_modules as $module) {

		if (_app_verify_data_rights ($module["request"],$module["modules"],$module["restrict"])) continue;
		else return false;
	}

	return true;
}

function _app_eval_object_level ($access, $access_check) {

        $access_match = array (
                "exclusive"=>"exclusive|private|public",
                "private"=>"private|public",
                "public"=>"public",
                //""=>"",
        );
        
        /* if (preg_match ("/{$access_match[$access_check]}/", $access)) {print "ACCESS ALLOWED<BR>"; return true; }
        else { "ACCESS DENIED<BR>"; return false; } */

        if (preg_match ("/{$access_match[$access_check]}/", $access)) return true;
        else return false;
}

function _app_verify_fieldset_access ($fieldset, $data_access=null) {

        return _app_verify_object_data_right ($values = array(
                        module=>$fieldset->get_access("module"),
                        right=>$fieldset->get_access("right"),
                        data=>($data_access ? $data_access :
                                  $fieldset->get_access("data"))));
        return true;
    
}

function _app_create_tabbing_container ($options) {

	$tc_tabbing_id = $options["tc_tabbing_id"];

	$_OBJECT_IFACE_TABBING_CONTAINER = new Container ();
	$_OBJECT_IFACE_TABBING_CONTAINER->set_callback_begin ("_app_tabbing_container_begin");
	$_OBJECT_IFACE_TABBING_CONTAINER->set_callback_end ("_app_tabbing_container_end");
	$_OBJECT_IFACE_TABBING_CONTAINER->set_variable ("tc_tabbing_container", $tc_tabbing_id);

	$_OBJECT_IFACE_TABBING = new Container ();
	$_OBJECT_IFACE_TABBING->set_callback_begin ("_app_tabbing_tabs_begin");
	$_OBJECT_IFACE_TABBING->set_callback_end ("_app_tabbing_tabs_end");
	$_OBJECT_IFACE_TABBING->set_variable ("tc_tabbing_tabs", $tc_tabbing_id . "_tabs");

	$_OBJECT_IFACE_TABBING_PANEL = new Container ();
	$_OBJECT_IFACE_TABBING_PANEL->set_callback_begin ("_app_tabbing_panel_begin");
	$_OBJECT_IFACE_TABBING_PANEL->set_callback_end ("_app_tabbing_panel_end");
	$_OBJECT_IFACE_TABBING_PANEL->set_variable ("tc_tabbing_panel", $tc_tabbing_id . "_panel");
	return array (
			$_OBJECT_IFACE_TABBING_CONTAINER,
			$_OBJECT_IFACE_TABBING,
			$_OBJECT_IFACE_TABBING_PANEL
		);
}

function _app_create_tabbing_object ($options) {
	
	$fs_tab_id = $options["fs_tab_id"];
	$fs_tab_key = $options["fs_tab_key"];
	$fs_tab_value = $options["fs_tab_value"];
	$fs_tabs = $options["fs_tabs"];
	$fs_tab_default = $options["fs_tab_default"];
	$fs_tab_hide_one = $options["fs_tab_hide_one"];
	//$fs_action = isset ($options["fs_action"]) ? $options["fs_action"] : "fs_action";

	//if (preg_match ("/create|addnew/", $_REQUEST[$fs_action])) return null;

	if (!isset ($_REQUEST[$fs_tab_id]) && !$fs_tab_default) return null;

	$_OBJECT_TABBING = new Container ();
	$_OBJECT_TABBING->set_callback_begin ("_app_tabbing_begin");
	$_OBJECT_TABBING->set_callback_end ("_app_tabbing_end");

	foreach ($fs_tabs as $tab) {

		if (isset ($tab["access"]) &&
				!_app_verify_object_data_right($tab["access"]))
		
			continue;
		$i++;
		
		$_OBJECT_TAB = new Container ();

		$_OBJECT_TAB->set_callback_begin ("_app_tab");
		$_OBJECT_TAB->set_option ("callback_end", 0);

		$_OBJECT_TAB->set_variable ("label", $tab["label"]);
		$_OBJECT_TAB->set_variable ("wrapper", $tab["wrapper"]);
		$_OBJECT_TAB->set_variable ("fs_tab", $tab["fs_tab"]);
		$_OBJECT_TAB->set_variable ("fs_tab_id", $fs_tab_id);
		$_OBJECT_TAB->set_variable ("primary_key", $fs_tab_key);
		$_OBJECT_TAB->set_variable ("primary_value", $fs_tab_value);
		$_OBJECT_TAB->set_variable ("options", $tab["options"]);

		if ((!isset ($_REQUEST[$fs_tab_id]) &&
				$tab["fs_tab"] == $fs_tab_default) ||
				($tab["fs_tab"] == $_REQUEST[$fs_tab_id])) {

			$_OBJECT_TAB->set_variable ("class", "vmc_tabbing_a");
		} else {

			$_OBJECT_TAB->set_variable ("class", "vmc_tabbing_b");
		}

		if ($tab["row_split"]) {

			$_OBJECT_TAB_SPLIT = new Container ();

			$_OBJECT_TAB_SPLIT->set_callback_begin ("_app_tab_row_split");
			$_OBJECT_TAB_SPLIT->set_option ("callback_end", 0);

			$_OBJECT_TABBING->insert_container ($_OBJECT_TAB_SPLIT);
		}

		$_OBJECT_TABBING->insert_container ($_OBJECT_TAB);
	}

	/* remove tabbing if only one tab is visible */
	if ($fs_tab_hide_one) return (($i > 1) ? $_OBJECT_TABBING : null);
	else return $_OBJECT_TABBING;
}

function _app_mail_send_message ($options) {

	# -=-=-=- PHP FORM VARIABLES (add as many as you would like)
	
	$name = $options["name"];
	$email = $options["email"];
	$subject = $options["subject"];
	
	# -=-=-=- MIME BOUNDARY
	
	$mime_boundary = "----VLAZE_MEDIA_INC----".md5(time());
	
	# -=-=-=- MAIL HEADERS
	
	$headers = <<<HEADERS_MAIL
From: Vlaze Media Projects<admin@vlazemedia.com>
Reply-To: Vlaze Media Projects<admin@vlazemedia.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="{$mime_boundary}"

HEADERS_MAIL;

	
	# -=-=-=- TEXT EMAIL PART
	
	$message =<<<TEXT_MAIL
--{$mime_boundary}
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit


{$options["text_body"]}


TEXT_MAIL;
	# -=-=-=- HTML EMAIL PART
	 
	$message .=<<<HTML_MAIL
--{$mime_boundary}
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 8bit


{$options["html_body"]}


HTML_MAIL;
	
	# -=-=-=- FINAL BOUNDARY
	
	$message .=<<<MIME_BOUNDARY
--{$mime_boundary}--

MIME_BOUNDARY;
	
	# -=-=-=- SEND MAIL
	
	$mail_sent = @mail( $email, $subject, $message, $headers );
	#echo $mail_sent ? "Mail sent" : "Mail failed";
}

?>
